Package org.forgerock.opendj.ldap.controls

Class AuthorizationIdentityResponseControl

java.lang.Object
org.forgerock.opendj.ldap.controls.AuthorizationIdentityResponseControl
All Implemented Interfaces:
Control
public final class AuthorizationIdentityResponseControl extends Object implements Control
The authorization response control as defined in RFC 3829. The authorization identity control extends the Lightweight Directory Access Protocol (LDAP) bind operation with a mechanism for requesting and returning the authorization identity it establishes.

The authorization identity is specified using an authorization ID, or authzId, as defined in RFC 4513 section 5.2.1.8.

The following excerpt shows how to get the authorization identity established when binding to the directory server. 

 Connection connection = ...;
 String bindDN = ...;
 String bindPassword = ...;

 BindRequest request =
         Requests.newSimpleBindRequest(bindDN, bindPassword.toCharArray())
             .addControl(AuthorizationIdentityRequestControl
                     .newControl(true));

 BindResult result = connection.bind(request);
 AuthorizationIdentityResponseControl control =
         result.getControl(AuthorizationIdentityResponseControl.DECODER,
                 new DecodeOptions());
 // Authorization ID returned: control.getAuthorizationID()
See Also:

  • Field Details

  • Method Details

    • newControl

      public static AuthorizationIdentityResponseControl newControl(String authorizationID)
      Creates a new authorization identity response control using the provided authorization ID.
      Parameters:
      authorizationID - The authorization ID for this control.
      Returns:
      The new control.
      Throws:
      NullPointerException - If authorizationID was null.

    • newControl

      public static AuthorizationIdentityResponseControl newControl(Dn authorizationDn)
      Creates a new authorization identity response control using the provided authorization ID.
      Parameters:
      authorizationDn - The authorization DN for this control, may be null.
      Returns:
      The new control.

    • getAuthorizationId

      public String getAuthorizationId()
      Returns the authorization ID of the user. The authorization ID usually has the form "dn:" immediately followed by the distinguished name of the user, or "u:" followed by a user ID string, but other forms are permitted.
      Returns:
      The authorization ID of the user.

    • getOid

      public String getOid()
      Description copied from interface: Control
      Returns the numeric OID associated with this control.
      Specified by:
      getOid in interface Control
      Returns:
      The numeric OID associated with this control.

    • getValue

      public ByteString getValue()
      Description copied from interface: Control
      Returns the value, if any, associated with this control. Its format is defined by the specification of this control.
      Specified by:
      getValue in interface Control
      Returns:
      The value associated with this control, or null if there is no value.

    • hasValue

      public boolean hasValue()
      Description copied from interface: Control
      Returns true if this control has a value. In some circumstances it may be useful to determine if a control has a value, without actually calculating the value and incurring any performance costs.
      Specified by:
      hasValue in interface Control
      Returns:
      true if this control has a value, or false if there is no value.

    • isCritical

      public boolean isCritical()
      Description copied from interface: Control
      Returns true if it is unacceptable to perform the operation without applying the semantics of this control.

      The criticality field only has meaning in controls attached to request messages (except UnbindRequest). For controls attached to response messages and the UnbindRequest, the criticality field SHOULD be false, and MUST be ignored by the receiving protocol peer. A value of true indicates that it is unacceptable to perform the operation without applying the semantics of the control.

      Specified by:
      isCritical in interface Control
      Returns:
      true if this control must be processed by the Directory Server, or false if it can be ignored.

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • getAlias

      public String getAlias()
      Description copied from interface: Control
      Returns the control "friendly name" alias for the control.
      Specified by:
      getAlias in interface Control
      Returns:
      "Friendly name" alias for the control.